5
Introduction Random Number GenerationRandom Number Generation –Von Neumann is often quoted as having stated: Anyone who considers arithmetic methods of producing random digits is, of course, in a state of sin. Testing RNGsTesting RNGs –He also stated, …that in his experience it was more trouble to test random sequences than to manufacture them.

6
NIST Goals A set of statistical tests suitable in the assessment of the randomness of (P)RNGs. Provide supporting documentation. Inclusion of the tests in the Cryptographic Module Validation Program? Development of a Special Publication?

7
Work In Progress The development of several documents: –A Statistical Test Suite for the Validation of Cryptographic RNGs including test strategy and test interpretation. –The NIST Statistical Test Suite Users Guide Version 1.0 A reference implementation in ANSI C.

11
Overview of the NIST Test Suite Runs Test –Assess the expected total number of runs. Long Runs Test –Assess the distribution of runs of ones; runs should not exceed log 2 n. Marsaglias Rank Test –Assess the distribution of the rank for 32x32 binary matrices.

13
Overview of the NIST Test Suite NonOverlapping Template Matching Test –Assess the frequency of m-bit nonperiodic patterns. Cumulative Sums Test –Assess that the sum of partial sequences isnt too large or too small; indicative of too many 0s or 1s. Random Excursions Test –Assess the distribution of states within a cycle of a random walk.

17
Overview of The NIST Test Suite Maurers Universal Statistical Test –Assess the compressibility of a bitstring. Lempel-Ziv Complexity Test –Assess the compressibility of a bitstring. Linear Complexity Test –Assess the linear complexity of a bitstring; the shortest LFSR that can generate the bitstring.

20
Poor PRNGs XOR PRNG –Fails the linear complexity test, rank test and several other tests. Failure due to the simplicity of the scheme. HPC Key Avalanche –Fails the monobits test, approximate entropy test and several others. Failure due to the existence of equivalent keys.

21
Our Efforts Tests developed for cryptographic use. Full scientific documentation provided (each algorithm based on rigorous math). Sixteen statistical tests fully developed to date; over 200 if one considers alternate input parameters.

23
Summary Statistical tests are very important in ensuring good quality (P)RNGs. Statistical tests are necessary but not sufficient to recommend a (P)RNG. A statistical test suite must be diverse. In the last two years, NIST has developed over 200 tests.